Some external components require some form of authentication before allowing their services to be accessed. Developing components or applications often comes with the question of where to store the respective credentials needed to connect those external services. Oracle FMW provides a Credential Store in which these credentials can be managed in a central and secure place. It also provides a set of functions that can be used with WLST to create, list and edit those credentials. Unfortunately these functions only allow you to create password credentials and not generic credentials. In this blog I will demonstrate how to create these generic credentials using WLST.

OPSS defines two types of credentials: password and generic. Password credentials store user names and passwords and can be created using the createCred function in WLST. Generic passwords encapsulate any customized data or arbitrary token. To create a generic password using WLST you will have to use the JpsCredentialStore MBean. The following code shows how to do it:

The WLST code will change to the domain runtime and then it will access the JpsCredentialSTore MBean. It will then proceed to invoke the ‚assignGenericCredential‘ method passing the corresponding parameters. The first parameter of the assignGenericCredential method is the name oft he map, which will have to exist before creating the credential. The second parameter ist the alias oft he credential. The third parameter is a Serializable object. We can store here any Java object that implements the Serializable interface. The fourth parameter is a description for the credential.

After executing the WLST code we can find our new key in the CredentialStore map.
O

 

There are other operations like assignGenericCredential that will have to be called using the MBean because there are no WLST functions available. You can view them using the FMW MBean Browser

 

References

https://docs.oracle.com/middleware/1212/idm/JISEC/csfadmin.htm#JISEC2948
http://weblogicscripting.blogspot.de/2016/02/how-to-retrieve-oamkeystore-password-in.html